Commit Graph

289 Commits

Author SHA1 Message Date
Daniel García 5529264c3f
Basic ratelimit for user login (including 2FA) and admin login 2021-12-22 21:48:49 +01:00
BlackDex e327583aa5
Enabled trust-dns and some updates.
- Enabled trust-dns feature which seems to help a bit when DNS is
causing long timeouts. Though in the blocking version it is less visible
than on the async branch.
- Updated crates
- Removed some redundant code
- Updated javascript/css libraries

Resolves #2118
Resolves #2119
2021-12-01 19:01:55 +01:00
BlackDex c453528dc1
Macro recursion decrease and other optimizations
- Decreased `recursion_limit` from 512 to 87
  Mainly done by optimizing the config macros.
  This fixes an issue with the rust-analyzer which doesn't go beyond 128
- Removed Regex for masking sensitive values and replaced it with a map()
  This is much faster than using a Regex.
- Refactored the get_support_json macros
- All items above also lowered the binary size and possibly compile-time
- Removed `_conn: DbConn` from several functions, these caused unnecessary database connections for functions that didn't use that at all
- Decreased json response for `/plans`
- Updated libraries and where needed some code changes
  This also fixes some rare issues with SMTP https://github.com/lettre/lettre/issues/678
- Using Rust 2021 instead of 2018
- Updated rust nightly
2021-11-06 17:44:53 +01:00
Daniel García 97f9eb1320
Update dependencies 2021-10-24 21:50:26 +02:00
Daniel García 016fe2269e
Update dependencies 2021-10-18 22:14:29 +02:00
BlackDex 9375d5b8c2 Updated icon downloading
- Unicode websites could break (www.post.japanpost.jp for example).
  regex would fail because it was missing the unicode-perl feature.
- Be less verbose in logging with icon downloads
- Removed duplicate info/error messages
- Added err_silent! macro to help with the less verbose error/info messages.
2021-09-24 18:27:52 +02:00
Daniel García 0bb33e04bb
Update dependencies and set cargo resolver to version 2 ahead of 2021 edition 2021-09-22 20:26:48 +02:00
Ben Armstead 8af4b593fa Update dependencies in cargo.toml 2021-09-16 15:58:49 +01:00
BlackDex 89b5f7c98d Dependency updates
Updated several dependencies and switch to different totp library.

- Switch oath with totp-lite
  oauth hasn't been updated in a long while and some dependencies could not be updated any more
  It now also validates a preceding 0, as the previous library returned an int instead of a str which stripped a leading 0
- Updated rust to the current latest nightly (including build image)
- Updated bootstrap css and js
- Updated hadolint to latest version
- Updated default rust image from v1.53 to v1.54
- Updated new nightly build/clippy messages
2021-08-22 13:46:48 +02:00
BlackDex ffdcafa044 Fix WebAuthn issues and some small updates
- Updated some packages
- Updated code related to package updates.
- Disabled User Verification enforcement when WebAuthn Key sends UV=1
  This makes it compatible with upstream and resolves #1840
- Fixed a bug where removing an individual WebAuthn key deleted the wrong key.
2021-07-25 14:49:55 +02:00
Daniel García c546a59c38
Dependency updates 2021-07-15 19:18:16 +02:00
BlackDex ee391720aa Fixes issue with multiple security keys.
- Updated webauthn-rs commit hash to resolve #1796
2021-06-27 18:12:27 +02:00
Daniel García f44b2611e6
Update rust toolchain and dependencies 2021-06-25 20:53:26 +02:00
Daniel García 0cd065d354
Update webauthn-rs crate to upstream version 2021-06-19 21:25:55 +02:00
Daniel García c380d9c379
Support for webauthn and u2f->webauthn migrations 2021-06-16 19:06:40 +02:00
Jeremy Lin 06cde29419 Update dependencies
Notably, update `diesel` to 1.4.7 and `libsqlite3-sys` to 0.22.2 to pick up
the fix for CVE-2021-20227 added in SQLite 3.34.1.
2021-06-09 01:44:29 -07:00
BlackDex f270f2ed65 Updated icon fetching and crates.
- Updated some crates
- Updated icon fetching code:
  + Use a cookie jar and set Max-Age to 2 minutes for all cookies
  + Locate the base href tag to fix some locations
  + Changed User-Agent (Helps on some sites to get HTML instead of JS)
  + Reduced HTML code limit from 512KB to 384KB
  + Allow some large icons higher-up in the sort
  + Allow GIF images
  + Ignore cookie_store and hyper::client debug messages
2021-05-16 15:29:13 +02:00
BlackDex 7cb19ef767 Updated branding, email and crates
- Updated branding for admin and emails
- Updated crates and some deprecations
- Removed newline-converter because this is built-in into lettre
- Updated email templates to use a shared header and footer template
- Also trigger SMTP SSL When TLS is selected without SSL
  Resolves #1641
2021-05-08 17:46:31 +02:00
Daniel García f76b8a32ca
Update dependencies 2021-05-02 17:48:06 +02:00
rkowalewski 48482fece0
Merge branch 'main' into fix-libressl-332 2021-04-29 08:34:10 +02:00
Roger Kowalewski 1dc1d4df72 update openssl crate to support LibreSSL 3.3.2 2021-04-29 10:04:08 +02:00
Daniel García 34ea10475d
Project renaming 2021-04-27 23:18:32 +02:00
Daniel García ced7f1771a
Update dependencies 2021-04-15 18:38:00 +02:00
Jake Howard f7056bcaa5
Enable socks feature for reqwest
This allowed HTTP_PROXY to be set with a socks5 proxy
2021-04-07 19:25:02 +01:00
Jeremy Lin 73ff8d79f7 Add a generic job scheduler
Also rewrite deletion of old sends using the job scheduler.
2021-04-05 23:07:15 -07:00
BlackDex 3a3390963c Icon and SMTP Debug fixes.
- We need to add some feature to enable smtp debugging again. See: https://github.com/lettre/lettre/pull/584
- Upstream added the fallback icon again, probably because of caching ;). See: https://github.com/bitwarden/server/pull/1149
- Enabled gzip and brotli compression support with reqwest. Some sites seem to force this, or assume that because of the User-Agent string it is supported. This caused some failed icons.

Fixes #1540
2021-03-29 10:27:58 +02:00
Daniel García 3e4ff47a38
Update dependencies, particularly openssl to 1.1.1k 2021-03-25 20:05:20 +01:00
Daniel García f9ebb780f9
Update dependencies 2021-03-22 20:00:57 +01:00
Daniel García 431462d839
Update dependencies and enable serde integration for chrono 2021-03-13 22:02:11 +01:00
Daniel García dad1b1bee9
Updated dependencies 2021-03-06 22:04:01 +01:00
Daniel García 9117095764
Update dependencies and web vault 2021-02-24 20:30:19 +01:00
Daniel García c836f88ff2
Remove soup and use a newer html5ever directly 2021-02-07 22:28:02 +01:00
Daniel García 8b660ae090
Swap structopt for a simpler alternative 2021-02-07 20:10:40 +01:00
Daniel García 0680638933
Update dependencies 2021-02-06 16:49:28 +01:00
BlackDex 5860679624 Updated dependencies and small mail fixes
- Updated rust nightly
- Updated dependencies
- Removed unicode support for regex (less dependencies)
- Fixed dependency and nightly changes/deprecations
- Some mail changes for less spam point triggering
2021-01-31 20:07:42 +01:00
Daniel García 46df3ee7cd
Updated insecure ws dependency and general dep updates 2020-12-15 22:23:12 +01:00
BlackDex d46a6ac687 Updated dependencies and Dockerfiles
- Updated crates
- Updated rust-toolchain
- Updated Dockerfile to use latest rust 1.48 version
- Updated AMD64 Alpine to use same version as rust-toolchain and support
  PostgreSQL.
- Updated Rocket to the commit right before they updated hyper.
  Until that update there were some crates updated and some small fixes.
  After that build fails and we probably need to make some changes
(which is probably something already done in the async branch)
2020-12-04 13:38:42 +01:00
BlackDex 6faaeaae66 Updated email processing.
- Added an option to enable smtp debugging via SMTP_DEBUG. This will
  trigger a trace of the smtp commands sent/received to/from the mail
server. Useful when troubleshooting.
- Added two options to ignore invalid certificates which either do not
  match at all, or only doesn't match the hostname.
- Updated lettre to the latest alpha.4 version.
2020-11-18 12:07:08 +01:00
Daniel García 63acc8619b
Update dependencies 2020-11-07 23:01:04 +01:00
Daniel García c577ade90e
Updated dependencies 2020-10-15 23:44:35 +02:00
Daniel García ab4355cfed
Updated web vault, dependencies and base docker images 2020-10-03 20:50:13 +02:00
Eduardo Sánchez Muñoz 2f7fbde789 Add `vendored_openssl` feature.
This feature enables the `vendored` feature from the `openssl` crate and builds a statically linked version of openssl.
2020-09-25 23:25:53 +02:00
Daniel García dbc082dc75
Update web vault to 2.16.0 and dependencies 2020-09-19 22:01:14 +02:00
BlackDex 844cf70345 Updated lettre (and other crates) and workflow.
General:
- Updated several dependencies

Lettre:
- Updated lettre and the workflow
- Changed encoding to base64
- Convert unix newlines to dos newlines for e-mails.
- Created custom e-mail boundary (auto generated could cause errors)

Tested the e-mails sent using several clients (Linux, Windows, MacOS, Web).
Run msglint (https://tools.ietf.org/tools/msglint/) on the generated e-mails until all errors were gone.

Lettre has changed quite some stuff compared between alpha.1 and alpha.2, I haven't noticed any issues sending e-mails during my tests.
2020-09-11 23:52:20 +02:00
Daniel García 0365b7c6a4
Add support for multiple simultaneous database features by using macros.
Diesel requires the following changes:
- Separate connection and pool types per connection, the generate_connections! macro generates an enum with a variant per db type
- Separate migrations and schemas, these were always imported as one type depending on db feature, now they are all imported under different module names
- Separate model objects per connection, the db_object! macro generates one object for each connection with the diesel macros, a generic object, and methods to convert between the connection-specific and the generic ones
- Separate connection queries, the db_run! macro allows writing only one that gets compiled for all databases or multiple ones
2020-08-24 20:11:17 +02:00
Jeremy Lin d9684bef6b Generate tokens more simply and uniformly 2020-08-22 16:07:53 -07:00
Daniel García 171b174ce9
Update dependencies 2020-08-12 18:46:28 +02:00
Daniel García 32cfaab5ee
Updated dependencies and changed rocket request imports 2020-07-23 21:07:04 +02:00
Daniel García 1e950c7dbc
Replace IP support in preparation for compiling on stable, included some tests to check that the code matches the unstable implementation 2020-07-15 00:00:03 +02:00
Daniel García fb6f96f5c3
Updated dependencies 2020-07-14 16:08:11 +02:00
Jeremy Lin a28ebcb401 Use local time in email notifications for new device logins
In this implementation, the `TZ` environment variable must be set
in order for the formatted output to use a more user-friendly
time zone abbreviation (e.g., `UTC`). Otherwise, the output uses
the time zone's UTC offset (e.g., `+00:00`).
2020-07-07 21:30:18 -07:00
Daniel García 596c9b8691
Add option to set name during HELO in email settings 2020-07-05 01:59:15 +02:00
Daniel García d4357eb55a
Updated dependencies and web vault version 2020-07-05 01:38:16 +02:00
Daniel García b34d548246
Update dependencies 2020-06-22 17:15:20 +02:00
Daniel García a2411eef56
Updated dependencies 2020-06-15 23:04:52 +02:00
Daniel García 5e802f8aa3
Update lettre to alpha release instead of git commit, and update the rest of dependencies while we are at it 2020-05-31 17:58:06 +02:00
Daniel García 80d4061d14
Update dependencies 2020-05-14 00:18:18 +02:00
Daniel García 6c5e35ce5c
Change the mails content types to more closely match what we sent before 2020-05-07 00:51:46 +02:00
Daniel García 63cbd9ef9c
Update lettre to latest master 2020-05-03 17:41:53 +02:00
Daniel García 9cca64003a
Remove unused dependency and simple feature, update dependencies and fix some clippy lints 2020-05-03 17:24:51 +02:00
Daniel García 4be8dae626
Make web vault show a more informative error when browsers block WebCrypto in insecure contexts and update dependencies 2020-04-09 22:54:31 +02:00
Daniel García ccf6ee79d0
Update dependencies, mainly diesel and sqlite 2020-03-24 20:36:19 +01:00
Daniel García 7d9c7017c9
Merge pull request #911 from BlackDex/upgrade-rocket
Upgrade rocket
2020-03-16 18:17:17 +01:00
BlackDex bd09fe1a3d Updated code so backtraces are logged also. 2020-03-16 17:53:22 +01:00
BlackDex 3ce0c3d1a5 Update dependencies
Primarily updating rocket, which needed some dependencies

Latest versions of:
 - ring
 - time
 - jsonwebtoken
 - yubico
 - rocket (git)
2020-03-16 16:32:33 +01:00
BlackDex 1b4b40c95d Updated reqwest to the latest version.
- Use the blocking client (no async).
- Disabled gzip.
- use_sys_proxy is now default.
2020-03-14 23:12:45 +01:00
Daniel García 70f3ab8ec3
Migrate lazy_static to once_cell, less macro magic and slightly faster 2020-03-09 22:04:03 +01:00
Daniel García b6612e90ca
Update dependencies 2020-03-09 22:00:59 +01:00
zethra cc404b4edc
Added command line flags for help and version
Signed-off-by: zethra <benaagoldberg@gmail.com>
2020-03-02 15:51:57 -05:00
Daniel García def174a517
Convert email domains to punycode 2020-01-30 22:11:53 +01:00
Daniel García ff7b4a3d38
Update handlebars to 3.0 which included performance improvements.
Updated lettre to newer git revision, which should give better error messages now.
2020-01-26 15:29:14 +01:00
Daniel García 84ed185579
Update u2f to 0.2, which requires OpenSSL but also might solve the problems we've had with certificates.
The rust image doesn't need installing curl or tar, so removed. Also collapsed ENV lines.
2020-01-19 21:34:13 +01:00
Daniel García 9ebca99290
Update dependencies 2020-01-10 18:37:16 +01:00
Daniel García c058a1d63c
Make sure handlebars is not updated, as the next patch version has breaking changes 2020-01-05 00:12:35 +01:00
Daniel García 95dd1cd7ad
Use rmp upstream version 2019-12-31 02:00:16 +01:00
Daniel García 4cec502f7b
Update docker images to alpine 3.11 and rust 1.40 2019-12-22 21:42:13 +01:00
Daniel García f09996a21d
Updated dependencies 2019-12-15 15:43:56 +01:00
Daniel García a5aa4d9b54
Updated dependencies 2019-12-06 22:07:25 +01:00
Daniel García 1e224220a8
Updated deps and fixed some lints 2019-11-28 21:59:05 +01:00
Daniel García 607521c88f
Updated dependencies 2019-11-24 14:50:43 +01:00
BlackDex b209c1bc4d Add an option to fetch and parse href="data:image"
Some sites are using base64 encoded inline images for favicons.
This will try to match those with some sane checks and return that.
These icons will have lower prio than the icons with a normal URL.
2019-11-22 13:16:12 +01:00
Daniel García cbadf00941
Update web vault to fix twofactorauth.org integration
Update dependencies and toolchain
Update included equivalent domains with upstream changes
2019-11-19 20:30:09 +01:00
BlackDex cbb92bcbc0 Updated dependencies
Updated some dependencies and used a git patch for lettre addressing
timeouts.
2019-11-06 21:37:51 +01:00
BlackDex 3442eb1b9d Trying to fix issue #687
- Using an older commit from rocket repo
2019-11-04 14:30:24 +01:00
Daniel García 72a46fb386
Update dependencies 2019-11-02 17:39:27 +01:00
Daniel García fccc0a4b05
Update rocket to latest master
Downgrade rust version to fix cargo issue
Set rustup profile to minimal
2019-10-25 21:48:10 +02:00
Daniel García 57b1d3f850
Update dependencies and docker base images 2019-10-24 20:37:17 +02:00
Daniel García 83fd44eeef
Update rust version and use minimal profile for CI 2019-10-15 21:21:37 +02:00
Daniel García d3bd2774dc
Update dependencies to use newer SQLite 2019-10-11 22:49:47 +02:00
Daniel García 662bc27523
Updated dependencies and fixed disable_admin_token description 2019-10-08 19:33:27 +02:00
Daniel García b73ff886c3
Use upstream rmp 2019-09-17 19:47:51 +02:00
Michael Powers f5f9861a78
Adds support for PostgreSQL which resolves #87 and is mentioned in #246.
This includes migrations as well as Dockerfiles for amd64.

The biggest change is that replace_into isn't supported by Diesel for the
PostgreSQL backend, instead requiring the use of on_conflict. This
unfortunately requires a branch for save() on all of the models currently
using replace_into.
2019-09-12 16:12:22 -04:00
Daniel García df8114f8be
Updated client kdf iterations to 100000 and fixed some lints 2019-09-05 21:56:12 +02:00
Daniel García 469318bcbd
Updated dependencies and web vault version 2019-08-27 21:14:15 +02:00
Daniel García 9101d6e48f
Update dependencies 2019-08-18 19:31:54 +02:00
Daniel García c9c3f07171
Updated dependencies and fixed panic getting icons 2019-07-30 19:42:05 +02:00
Daniel García 05a1137828
Move backend checks to build.rs to fail fast, and updated dependencies 2019-07-09 17:26:34 +02:00
Nick Fox 2e300da057
Fix #468 - Percent-encode the email address in invite link 2019-07-02 22:55:13 -04:00
Daniel García 76f38621de
Update dependencies and remove unwraps from Cipher::to_json 2019-06-14 22:51:50 +02:00
Daniel García 9add8e19eb
Update dependencies and remove travis unused feature 2019-06-02 00:28:20 +02:00
Nils Domrose ee277de707 include libsqlite3-sys optionally, removed non common features 2019-05-27 23:31:56 +02:00
Nils Domrose c11f47903a revert include libsqlite3-sys optionally 2019-05-27 23:18:45 +02:00
Nils Domrose 6a5f1613e7 include libsqlite3-sys optionally 2019-05-27 23:07:47 +02:00
Nils Domrose dc36f0cb6c re-added sqlite check_db code, cleanup 2019-05-27 22:58:52 +02:00
Nils Domrose ff759397f6 initial mysql support 2019-05-26 23:03:05 +02:00
Emil Madsen ab95a69dc8 Rework migrations for MySQL 2019-05-20 21:12:41 +02:00
Daniel García c0b2877da3
Update deps and swap back to official u2f crate again 2019-05-17 15:39:36 +02:00
Daniel García 95f833aacd
Update dependencies to use new ring 2019-05-15 18:10:25 +02:00
Daniel García 4f45cc081f
Update ring to 0.14, jwt to 6.0, and u2f 2019-05-11 23:18:18 +02:00
Daniel García 2a4cd24c60
Updated web vault to hide org plans again and updated dependencies 2019-05-11 22:27:51 +02:00
Daniel García eadab2e9ca
Updated dependencies 2019-04-26 22:07:00 +02:00
Daniel García 621f607297
Update dependencies and fix some warnings 2019-04-11 15:40:19 +02:00
Daniel García cfbeb56371
Implement user duo, initial version
TODO:
- At the moment each user needs to configure a DUO application and input the API keys, we need to check if multiple users can register with the same keys correctly and if so we could implement a global setting.
- Sometimes the Duo frame doesn't load correctly, but canceling, reloading the page and logging in again seems to fix it for me.
2019-04-05 22:09:53 +02:00
Daniel García 3bb46ce496
Make the syslog crate non-optional when available 2019-04-02 22:35:22 +02:00
Daniel García c5832f2b30
With the latest fern, syslog can be a config option instead of a build flag 2019-03-29 20:27:20 +01:00
BlackDex 6b686c18f7 Fixed long e-mail message extending 1000 lines.
- Added quoted_printable crate to encode the e-mail messages.
- Change the way the e-mail gets built to use custom part headers.
2019-03-25 09:48:19 +01:00
Daniel García 349cb33fbd
Updated dependencies 2019-03-23 19:48:22 +01:00
Daniel García 084bc2aee3
Use final release of lettre and update dependencies 2019-03-17 14:43:22 +01:00
Daniel García a25bfdd16d
Remove unused features from multipart (integration with other servers) 2019-03-13 15:57:00 +01:00
Daniel García 27872f476e
Update dependencies 2019-03-07 20:22:08 +01:00
Daniel García 10756b0920
Update dependencies and fix some lints 2019-02-27 17:21:04 +01:00
Daniel García 5ee04e31e5
Updated dependencies, removed some unnecessary clones and fixed some lints 2019-02-20 17:54:18 +01:00
Daniel García 274ea9a4f2
Use the latest fast_chemail crate directly, with the fix 2019-02-15 14:39:30 +01:00
Daniel García ff2fbd322e
Update deps and fix email check 2019-02-12 15:01:02 +01:00
Daniel García 3db815b969
Implemented config form and fixed config priority 2019-02-06 17:34:30 +01:00
Daniel García 20d8d800f3
Updated dependencies 2019-02-06 17:34:29 +01:00
BlackDex 9657463717 Added better favicon downloader. 2019-01-27 15:39:19 +01:00
Daniel García a1dc47b826
Change config to thread-safe system, needed for a future config panel.
Improved some two factor methods.
2019-01-25 18:24:57 +01:00
Daniel García 9d027b96d8
Update web-vault to fix U2F NotTrustedAnchor error 2019-01-24 18:43:22 +01:00
Daniel García ce42b07a80
Update Diesel to 1.4 and other dependencies 2019-01-21 15:29:52 +01:00
Daniel García e0aec8d373
Use new i64::to_be_bytes and remove byteorder dep
(https://doc.rust-lang.org/stable/std/primitive.i64.html#method.to_be_bytes)
2019-01-16 22:14:17 +01:00
Daniel García 19b6bb0fd6
Initial stab at templates 2019-01-15 15:28:46 +01:00
Daniel García 60f6a350be
Update yubico to fix OpenSSL error 2019-01-13 14:37:17 +01:00
Daniel García f571df7367
Revert yubikey feature, not needed anymore 2019-01-12 15:28:41 +01:00
Daniel García de51bc782e
Updated dependencies, removing need for yubico fork 2019-01-12 15:23:46 +01:00
Daniel García 1d034749f7
Fix AArch64 build by disabling yubico 2019-01-10 23:54:01 +01:00
Daniel García 1b11445bb2
Update dependencies and web vault 2019-01-08 20:28:17 +01:00
Daniel García 5f49ecd7f3
Updated dependencies to use u2f crate directly, and some style changes 2019-01-04 00:25:38 +01:00
Daniel García 72ed05c4a4
Add build script to get some Git info to later show in admin panel, and add some metadata to Cargo.toml 2018-12-30 21:43:57 +01:00
Daniel García adb8052689
Updated Error to implement Display and Debug, instead of using custom methods 2018-12-30 21:43:56 +01:00
Daniel García f2ab25085d
Updated dependencies, and dockerfiles to use NodeJS 10 LTS 2018-12-11 16:42:52 +01:00
Daniel García 94810c106a
Migrate to rust 2018 edition 2018-12-07 02:05:45 +01:00
Daniel García 2fde4e6933
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested) 2018-12-06 20:35:25 +01:00
Daniel García 259a2f2982
Updated rocket to final release 2018-12-06 20:15:22 +01:00
Daniel García 8b5d97790f
Updated rocket to rc2 and rest of dependencies 2018-12-01 14:29:19 +01:00
Daniel García e5af230315
Merge branch 'master' into rocket-0.4
# Conflicts:
#	Cargo.toml
2018-11-19 20:45:42 +01:00
Daniel García a1da82c868
Add online feature to yubico 2018-11-19 20:45:11 +01:00
Daniel García a4550e51ea
Update dependencies and add /ciphers/create 2018-11-19 20:21:02 +01:00
Daniel García 5edbd0e952
Merge branch 'master' into rocket-0.4
# Conflicts:
#	Cargo.lock
#	Cargo.toml
#	src/api/core/mod.rs
2018-11-19 19:52:43 +01:00
Stepan Fedorko-Bartos 5a8d5e426d Switches to Downstream yubico with Optional libusb 2018-11-16 11:28:20 -07:00